Download PDFOpen PDF in browserCurrent version

From Uncertainty to Prosecution: Enhancing Cyber Resilience Through Forensic Readiness

EasyChair Preprint 15328, version 1

Versions: 12history
16 pagesDate: October 29, 2024

Abstract

Organizations relying on digital services must acknowledge that their systems will fail at some point, and if they have not been victims of cybercrime yet, they will be. Cyber resilience is an approach that prepares to withstand and recover from system failures and incidents. To recover from a system failure, the incident's root cause must be understood to mitigate it properly. Thus, there is a need to investigate the incident. An investigation is also essential to hold individuals accountable for malicious incidents in a court of law. The cost of an investigation and the evidential value of digital evidence can depend on how forensically ready an organization is. This apparent connection between cyber resilience and forensic readiness made us question these concepts' interconnection. We conducted a focused literature review and examined relevant legislation, standards, and frameworks to identify the connection between cyber resilience and forensic readiness. Our research shows that the need to determine the root cause of an incident to mitigate it properly is central and that frameworks do not sufficiently address holding individuals responsible for malicious incidents accountable in a court of law. Our main contribution is to show how forensic readiness is a crucial component of cyber resilience and how a systematic investigation is central to incident response. We also propose introducing redress as a core function in the NIST Cybersecurity Framework as a first step to ensure criminals are held accountable for their actions.

Keyphrases: Cyber Resilience, Cybercrime, Cybersecurity Framework, criminal investigation, forensic readiness, investigation, law enforcement

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
@booklet{EasyChair:15328,
  author    = {Odin Heitmann},
  title     = {From Uncertainty to Prosecution: Enhancing Cyber Resilience Through Forensic Readiness},
  howpublished = {EasyChair Preprint 15328},
  year      = {EasyChair, 2024}}
Download PDFOpen PDF in browserCurrent version